From 8b29ec4f1e560b1376ba77ce4910365126801920 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Sat, 10 Nov 2018 16:17:55 +0100
Subject: fix the fix: ff6612fac86e1a79ba264167f0263ff12f62f346

---
 src/firecfg/main.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/firecfg/main.c b/src/firecfg/main.c
index b1a3b7427..84f6a5f77 100644
--- a/src/firecfg/main.c
+++ b/src/firecfg/main.c
@@ -316,9 +316,6 @@ int main(int argc, char **argv) {
 	int i;
 	int bindir_set = 0;
 
-	// set umask
-	umask(022);
-
 	// user setup
 	char *user = get_user();
 	assert(user);
@@ -382,6 +379,8 @@ int main(int argc, char **argv) {
 				exit(1);
 			}
 
+			// set umask, access database must be world-readable
+			umask(022);
 			for (j = i + 1; j < argc; j++) {
 				printf("Adding user %s to Firejail access database in %s/firejail.users\n", argv[j], SYSCONFDIR);
 				firejail_user_add(argv[j]);
@@ -436,7 +435,10 @@ int main(int argc, char **argv) {
 	// add user to firejail access database - only for root
 	if (getuid() == 0) {
 		printf("\nAdding user %s to Firejail access database in %s/firejail.users\n", user, SYSCONFDIR);
+		// temporarily set the umask, access database must be world-readable
+		mode_t orig_umask = umask(022);
 		firejail_user_add(user);
+		umask(orig_umask);
 	}
 
 	// set new symlinks based on ~/.config/firejail directory
-- 
cgit v1.2.3-54-g00ecf